6061cd7e954e258ac581d6fd844e8e0946fc295d62edc36c30de653626a18cbc | Triage

Sharing

General

Target

2024-07-07_ae934eb0e644a1adeaab608ed5b556d4_bkransomware
Size

96KB
Sample

240707-2hxjbszbrj
MD5

ae934eb0e644a1adeaab608ed5b556d4
SHA1

5064440e017f04107303e4e4ca2b867dbc6954f1
SHA256

6061cd7e954e258ac581d6fd844e8e0946fc295d62edc36c30de653626a18cbc
SHA512

60cc73736a38f1bf4f1e0a93b18eec15ec2aafab5f249a4629e3f720f3b700af5a185edc401704608f7ca3d5ae00cc06b4c1905868146c405b2598283de5e642
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTkfRvvdiSzbxdYqhm:ZhpAyazIlyazTkVvdiIdYqM

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-07-07_ae934eb0e644a1adeaab608ed5b556d4_bkransomware
- Size
  
  96KB
- MD5
  
  ae934eb0e644a1adeaab608ed5b556d4
- SHA1
  
  5064440e017f04107303e4e4ca2b867dbc6954f1
- SHA256
  
  6061cd7e954e258ac581d6fd844e8e0946fc295d62edc36c30de653626a18cbc
- SHA512
  
  60cc73736a38f1bf4f1e0a93b18eec15ec2aafab5f249a4629e3f720f3b700af5a185edc401704608f7ca3d5ae00cc06b4c1905868146c405b2598283de5e642
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTkfRvvdiSzbxdYqhm:ZhpAyazIlyazTkVvdiIdYqM
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer